Troubling FW Logs

Discussion in 'ESET Smart Security' started by DenverWill, Nov 7, 2010.

Thread Status:
Not open for further replies.
  1. DenverWill

    DenverWill Registered Member

    Joined:
    Nov 7, 2010
    Posts:
    1
    I went away on a work trip and came back to complaints from my wife that the internet was "Really Slow".
    I did a quick look at my FW Logs and under "Internet Logs" I was seeing a LOT of connections. Her PC is the .103 address listed below.
    I basically blocked everything at my FW going to the internet (which stopped the strange activity) while I tried to figure this out, verified updates for Anti-V & Anti Spyware & Windows Updates (Vista 64) on her PC, but unfortunately when I turn the outside Internet back on all the activity resumes.

    This is what my FW is reporting:

    Internet Sessions:
    Local NAT Internet Protocol State Dir Time Out
    192.168.10.103:10883 10883 123.243.191.133:15268 UDP - OUT 50
    192.168.10.103:10883 10883 220.237.219.248:62348 UDP - OUT 58
    192.168.10.103:10883 10883 120.86.231.57:58379 UDP - OUT 58
    192.168.10.103:10883 10883 71.193.165.164:11480 UDP - OUT 57
    192.168.10.103:10883 10883 93.181.218.92:30332 UDP - OUT 55
    192.168.10.103:10883 10883 92.131.13.149:20953 UDP - OUT 55
    192.168.10.103:10883 10883 24.57.114.212:61787 UDP - OUT 52
    192.168.10.103:10883 10883 79.83.224.45:49359 UDP - OUT 49
    192.168.10.103:10883 10883 212.200.212.182:12100 UDP - OUT 61
    192.168.10.103:53521 53521 74.125.67.105:80 TCP EST OUT 2344
    192.168.10.103:53550 53550 74.125.67.132:80 TCP EST OUT 2357
    192.168.10.103:10883 10883 82.130.187.102:23878 UDP - OUT 55
    192.168.10.103:10883 10883 24.138.37.15:14892 UDP - OUT 52
    192.168.10.103:53389 53389 206.33.36.126:80 TCP EST OUT 2399
    192.168.10.103:10883 10883 190.50.185.20:37885 UDP - OUT 58
    192.168.10.103:10883 10883 95.76.70.79:18227 UDP - OUT 56
    192.168.10.103:53544 53544 74.125.67.138:80 TCP CL OUT 1
    192.168.10.103:10883 10883 211.140.143.71:33654 UDP - OUT 65
    192.168.10.103:10883 10883 118.172.160.115:8022 UDP - OUT 57
    192.168.10.103:10883 10883 83.84.188.175:12910 UDP - OUT 52
    192.168.10.103:10883 10883 222.164.120.60:48906 UDP - OUT 51
    192.168.10.103:10883 10883 24.212.53.214:11792 UDP - OUT 55
    192.168.10.103:10883 10883 121.219.140.46:30262 UDP - OUT 63
    192.168.10.103:10883 10883 95.29.115.247:27111 UDP - OUT 61
    192.168.10.103:10883 10883 72.197.207.80:50082 UDP - OUT 60
    192.168.10.103:10883 10883 221.137.47.11:16001 UDP - OUT 68
    192.168.10.103:10883 10883 211.55.95.252:60353 UDP - OUT 52
    192.168.10.103:10883 10883 92.86.196.99:32587 UDP - OUT 55
    192.168.10.100:1068 1068 8.7.94.155:30123 UDP - OUT 59
    192.168.10.100:1256 1256 70.42.244.143:3490 TCP EST OUT 2343
    192.168.10.103:10883 10883 113.199.210.75:54503 UDP - OUT 58
    192.168.10.103:10883 10883 121.135.232.28:51763 UDP - OUT 57
    192.168.10.103:10883 10883 124.254.154.92:24215 UDP - OUT 53
    192.168.10.103:10883 10883 79.117.181.10:23285 UDP - OUT 53
    192.168.10.100:7157 7157 70.42.244.143:3490 TCP EST OUT 2362
    192.168.10.103:10883 10883 123.24.189.116:15869 UDP - OUT 64
    192.168.10.103:10883 10883 94.41.215.49:57944 UDP - OUT 60
    192.168.10.103:10883 10883 78.147.18.242:25297 UDP - OUT 50
    192.168.10.103:10883 10883 123.201.193.95:24320 UDP - OUT 53
    192.168.10.103:10883 10883 112.149.179.211:19987 UDP - OUT 50
    192.168.10.103:10883 10883 89.148.3.50:43285 UDP - OUT 62
    192.168.10.103:10883 10883 213.110.68.139:56212 UDP - OUT 61
    192.168.10.103:10883 10883 95.70.69.84:35691 UDP - OUT 57
    192.168.10.103:10883 10883 95.29.10.47:56604 UDP - OUT 56
    192.168.10.103:10883 10883 173.178.193.36:6881 UDP - OUT 52
    192.168.10.103:10883 10883 111.169.2.84:11561 UDP - OUT 52
    192.168.10.103:10883 10883 122.168.206.8:44380 UDP - OUT 50
    192.168.10.103:53619 53619 205.188.192.1:80 TCP EST OUT 2394
    192.168.10.103:10883 10883 61.125.110.65:19148 UDP - OUT 53
    192.168.10.103:10883 10883 76.27.238.192:7004 UDP - OUT 56
    192.168.10.103:10883 10883 85.246.67.184:64688 UDP - OUT 58
    192.168.10.103:10883 10883 189.46.184.173:30774 UDP - OUT 53
    192.168.10.103:10883 10883 211.132.94.176:27737 UDP - OUT 64
    192.168.10.103:10883 10883 96.228.231.55:64898 UDP - OUT 54
    192.168.10.103:10883 10883 118.174.77.94:40970 UDP - OUT 59
    192.168.10.103:10883 10883 186.14.239.70:5221 UDP - OUT 54
    192.168.10.103:10883 10883 108.2.140.225:24421 UDP - OUT 64
    192.168.10.103:10883 10883 188.132.120.113:7632 UDP - OUT 53
    192.168.10.103:10883 10883 89.90.141.148:18041 UDP - OUT 60
    192.168.10.103:10883 10883 81.48.152.131:26240 UDP - OUT 54
    192.168.10.103:10883 10883 94.9.200.24:22153 UDP - OUT 56
    192.168.10.103:10883 10883 70.44.147.239:59305 UDP - OUT 62
    192.168.10.103:10883 10883 75.46.74.177:54109 UDP - OUT 61
    192.168.10.103:10883 10883 70.45.201.179:27784 UDP - OUT 50
    192.168.10.103:57793 57793 65.55.158.118:3544 UDP - OUT 58
    192.168.10.103:10883 10883 123.19.168.199:10009 UDP - OUT 51

    The PC in question has no browser windows open, no updates that I can tell are running.
    I scanned for Virus & Spybot and both are showing clean.
    I started looking at the addresses that are listed and it really is not helping much (other than some of these IP's come up as being out of the USA) so I am not sure what is going on here.
    The list shown of active connections changes every time I refresh, so this is just a sample.
    The internet is Really, Really slow so something is deffinately going on, but what?
    Anyone have any thoughts?
    Thanks...
     
  2. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,924
    Location:
    U.S.A.
Thread Status:
Not open for further replies.